iCloud e-mail “censorship” thanks to overzealous spam filtering

Apple is apparently performing some content-based iCloud e-mail filtering, resulting in e-mails that never arrive to their intended destination. As detailed by Macworld, e-mails that included a particular phrase, even in a zipped PDF file, were prevented from getting to the intended recipient. This was regardless of whether the message was from a known sender, indicating that Apple is placing a pretty judging eye on what passes through its servers.

The issue came to light when users began noticing that e-mails with the words "barely legal teen" were having trouble arriving in their iCloud inboxes from outside senders. E-mails with the phrase in the body, an attached PDF, or a zipped attached PDF were never delivered or even returned to the sender. Instead, they simply disappeared into the ether of a nebulous black box of a filter that Apple has never made known to its iCloud customers. E-mails sent from iCloud accounts with that phrase, however, made it through, as did replies to iCloud-sent e-mails that contained the phrase.

Apple acknowledged the existence of the filter, telling Ars (and Macworld), "Occasionally, automated spam filters may incorrectly block legitimate email. If the customer feels that a legitimate message is blocked, we encourage customers to report it to AppleCare.”

But, as Macworld points out, the problem is precisely that these e-mails are blinked out of existence the second they’re sent. Customers have no way of knowing what they're not receiving unless the sender manages to follow up via another medium, or with more e-mails that don’t contain trigger phrases.

We submit that the odds of a legitimate e-mail containing the phrase “barely legal teen” are low. But the surreptitious existence of the filter makes us wonder what else Apple is frowning upon from the dark of its data centers and silently swiping out of existence and into a trash bin, never to be seen again.

61 Reader Comments

Why is Apple blocking barely legal teens? They are legal after all, even if they are barely. If this is a spam filtering attempt, then that's pretty shoddy spam filtering, especially if they are looking for it anything but the subject.

Why is Apple blocking barely legal teens? They are legal after all, even if they are barely. If this is a spam filtering attempt, then that's pretty shoddy spam filtering, especially if they are looking for it anything but the subject.

Some combination of "porn spam is a vector for malware" and "MORAL JUDGEMENT", I imagine.

Interesting article. Brings up the question again: who is Apple to determine what content I should or should not receive?

Granted, in the example given, that specific terminology would be considered suspect, unless say, I were a lawyer discussing a trial for my defendant and their interactions with a barely legal teen. Or say, if I tried to send this article via email to someone I know to share with them the news about Apple's censorship. You're filtering out information used for legitimate purposes just because it doesn't "look good" to you (you being Apple).

And that's just with those hypotheticals. What we don't know is what else may they be filtering? Or better yet...... what are they looking at themselves? As I frequently tell people I work with, "if you send it by email, assume it's being read by someone you don't want reading it," as any ISP or any server it is routed through, some has the opportunity to intercept that message.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

Reading != Scanning

Emails are being scanned by an automated system, which probably has zero human interaction. That's not the same as people reading your emails.

It is, however, troubling. I'm an iCloud user and a prior Gmail user. I thought that Gmail's spam filtering was superb, but - to my knowledge - the filter always sent everything to my Spam folder, allowing me to check it.

I do not like the idea that Apple is potentially sending legitimate mail into a black hole. That said, I've never not received an email I was expecting.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

You, most likely than not, were told in the Terms of Service and agreed to it.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

At minimum, permission for them to look at your mail for anti-abuse purposes (anti spam, anti virus) is going to be granted in the terms of service. Don't like it? Feel free to run your own servers vs using a hosted service. Any hosted mail service that offers anti-spam or anti-virus features is going to be scanning the text, attachments, etc for "bad" content.

Server side content filtering at large scale is non-trivial (much harder than anti-virus on its own), especially given the many different needs/demands of a large userbase. Even if they were right 99.9% of the time, at a high volume that can still mean a meaningful number of errors.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

Basically, every third-party mail provider does spam and virus filtering. And it would be a pretty lame filter if all it took to get around it was for the payload to be in a zipped attachment.

Why is Apple blocking barely legal teens? They are legal after all, even if they are barely. If this is a spam filtering attempt, then that's pretty shoddy spam filtering, especially if they are looking for it anything but the subject.

Some combination of "porn spam is a vector for malware" and "MORAL JUDGEMENT", I imagine.

Uhh ... Moral Judgement? It has nothing to do with your moral judgement.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

At minimum, permission for them to look at your mail for anti-abuse purposes (anti spam, anti virus) is going to be granted in the terms of service. Don't like it? Feel free to run your own servers vs using a hosted service. Any hosted mail service that offers anti-spam or anti-virus features is going to be scanning the text, attachments, etc for "bad" content.

Server side content filtering at large scale is non-trivial (much harder than anti-virus on its own), especially given the many different needs/demands of a large userbase. Even if they were right 99.9% of the time, at a high volume that can still mean a meaningful number of errors.

Yup. Makes sense... Another one of those "By opening the package, you agree to the terms inside".

Apple, or any other email provider, shouldn't block any emails based on anything contained in it (that isn't known spam of course, and that's easy to spot because new types of it are incredibly obvious) . I don't care what their reasons are, no one should do it. If it has the ever popular (and entirely blown out of proportion) "terrorist" threats/information in it, the NSA is going to get it anyway.

It is, however, troubling. I'm an iCloud user and a prior Gmail user. I thought that Gmail's spam filtering was superb, but - to my knowledge - the filter always sent everything to my Spam folder, allowing me to check it.

I do not like the idea that Apple is potentially sending legitimate mail into a black hole. That said, I've never not received an email I was expecting.

This is the true problem. Any spam system needs a human interaction element in case I get a phone call from my sister who asked if I got the email complaining about her daughter who is a "barely legal teenager" but acts like she knows everything. I gotta be able to check to make sure the spam filter didn't screw up. It's not user friendly to push it into a black hole.

Also, the article is not up to the normal Ars standards I'm used to. It leaves out some of the technical information people need to know about other services and not just how but why spam filters do what they do. The best spam filters work by A) looking for common phrases that have been found to come from illegitimate business b) originate from certain IP number ranges that are known to send spam. Spam filters are not some kind of moralistic judgment on people who send emails, like some of the comments say. If the phrase "barely legal teen" got into a spam filter and is blocking all emails with that phrase, then it's administrator error because that phrase should then also be tied to a blacklist or whitelist so not every email is blocked. Or it's blocking because history says that 99.99% of emails on the internet with that phrase contained malware or a link to a site that steals card numbers, scams the user, or also contains malware.

Spam filtering is an automated process constantly being refined. There's not some prude in a tower picking phrases just to piss off the social libertarians (of which I am one of). Apple should only be taken to task for not having processes that are as good as other technical services already out there which would either cleverly not block this or provide a spam folder for people to do their own checking.

1. I guess it was no secret that my email could/is being scanned for content, but doesn't this article make that painfully clear that the ISP's are reading my email. Is this legal? Can someone please explain?

2. Also they are unzipping my attachments and then scanning for content. See above

Is there legal precedent for this that I'm not getting?

P.S>edited for spelling

Oh boy, is it legal. Not only can your email service provider scan your emails for text, but some providers (remember the scroogled ads?) scan your emails and make their contents part of the stored metadata they have about you. As far as I know most of the email hosts scan all attachments for viruses, including unzipping files. But even beyond all this, its actually legal under certain circumstances for the government to read your email or at least see you you are talking to without a warant: permission...http://www.slate.com/blogs/future_tense ... lance.html

I ran into Apple blocking emails from a local restaurant of which I'm a big fan. The ironic thing is to most businesses I give a heavily filtered temporary addresses ( sneakemail ), but to this one I gave my personal friends and family only email address because I was such a fan of their food. I would get emails sent directly by the owners checking that they had my address correctly, but stopped getting the bulk stuff mentioning what sandwich was the spotlight of the day, what the moonlight dinner special was or information about holiday dinner preorders. ( I had the sending addresess listed in my contacts as VIP even. ) Apple apparently decided that their messages were spam and they never made it to me, not even to my spam folder and didn't bounce back to Peppers either. Almost messed up my thanksgiving dinner last year, because I had ordered it though the restaurant and only got the details about it asking directly at the restaurant because iCloud decided to start blocking everything I was getting emailed about my order.

Ended up contacting apple directly and they told me that they weren't able to get the mail through to me, or even why they were blocking the messages. Only thing they confirmed is that they were blocking them and couldn't help me. I still worry about what else they may be blocking.

Aside from the discussion if Apple should scan and filter emails, the actual implementation is utterly horrible. Having e-mails disappearing without a trail of smoke is imho a more important fail that whatever happened to maps.

This issue appears to be active right now. I've finally managed to mostly transition away from Apple's services so I barely use the address any longer, but I do still have an ancient account (originally made when it was iTools). Sending test emails from a gmail account, normal emails go through near instantly, but include the phrase "barely legal teen" and they silently vanish into the ether. This offers a certain amount of mischief making potential as well. Many people use signatures, and signatures can have colored text. If someone were to edit signatures to add "barely legal teen" as white text, then for the vast majority of people the text will be effectively invisible and unlikely to ever be noticed. However, Apple will then silently dispose of every single email sent with the signature turned on. A very, very simple thing, but something that could result in a significant amount of grief for the average person to diagnose.

It's incredibly stupid behavior on Apple's part, the use of a really blunt instrument from 90s-era filtering with utterly the wrong result. We have spam metascores and the like for a reason, it's fine to check for certain phrases and then apply a big positive hit and let clients deal with it. Silent disposal should never happen, it's just begging not merely for false positives but for exploitation.

And of course there are the deeper implications in terms of inspection. Just another example to add to the long since immense pile of reasons why absolutely everyone should use pervasive signing and encryption. Everyone, S/MIME certificates will work with nearly everything modern (mostly natively), including smartphones, and a class 1 cert is completely free. GPG requires additional installations but is also entirely free. Even without any more complex authentication it's worth setting up.

I thought it was SOP pretty much everywhere that you either bounce email which may be SPAM while it's arriving, or file it away somewhere where the user can at least go and check it. To simply disappear it is really bad form, because as an email administrator you know with 100% certainty that you will have false positives.

The idea behind SMTP is that e-mail is delivered OR the sender gets back a non-delivery notification. If ${MAILHOSTER} is dropping mail without warning, i.e., not delivering it even to a "spam" folder, they're breaking a fundamental part of how e-mail works.

Lots of mail gets silently discarded in the name of spam blocking, not just by Apple. When you email a lot of people for legitimate reasons (even individual emails, not bulk), you eventually start to notice and running into problems with it. Extremely frustrating though, when people get mad at you for not contacting them despite your best efforts.

Welcome to real world mail filtering. There's a fuzzy threshold where you mark it as potential spam. There's a higher threshold where you just drop it on the floor. You never bounce it, any more than you bounce viruses (for the same reason - all that happens is you're sending a bounce to some unsuspecting poor saps email address that was used without their knowledge)

This is the way all non trivial mail filtering works. You agree to it when you use a service. Don't want that? Run your own server and set your own policy.

One of my former employers was blocking password-protected zip files in mail attachments. Took me a while to discover why data which I was sending to my office never arrived. Taking it up with the IT support would have been a waste of time, so I devised a simple trick, joining the zip file to a small jpeg image and keeping the jpeg name. Sending the unmodified jpeg along helped to automatically find the junction and split the files without prior knowledge of the file structure.

I have also used software to check submitted student reports for plagiarism. Globally exchanging one or a few of the English letters with identically looking letters from a different alphabet prevented the software from detecting otherwise blatant plagiarisms.

The point I am getting to, those who want to send embargoed material will find a way, so better educate your users to react appropriately rather than cripple their experience by obliterating random messages.

A spam is supposed to go to the spam folder. If what Apple is doing was spam filtering than that is what would have happened. But seeing that the emails are instead just vanishing, I am inclined to believe it's in fact censoring.